A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages

Updated openssl packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 7.

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)